<?php
error_reporting ( 0 );
session_start ();
header ( 'Content-Type: text/html; charset=UTF-8' );
require_once ("../in/tren.php");
require_once ("../in/zip.php");
$tit = 'Upload Game';
echo '<div class="navigation"><b>UpLoad Game</b></div><div align="right"><div style="border-top: 3px solid #13cfeb;"></div></div></div><div class="main_menu">';
if (! $user_id || $taikhoan ['quyen'] != 2) {
	header ( 'location:' . $set ['home'] . '' );
} else {
	switch ($_GET ['up']) {
		default :
			echo '</div><div style="background:#00a6ff; border-bottom: 5px solid #00a6ff;text-align:center;font-size=10px;">';
			echo '<table width="100%" cellpadding="0" cellspacing="0" border="0" align="center" valign=""><tr><td width="35%" bgcolor="" align="center"><font color="#ffffff"><b>UpLoad File</b></font></td><td width="45%" bgcolor="" align="center"><a href="?up=upurl" style="color:black"><div class="tab">Upload URL</div></a></td></tr></table></div>';
			echo '<div style="border-left:1px solid #00a6ff; border-bottom:1px solid #00a6ff; border-right:1px solid #00a6ff"><div style=" background:white; padding:2px; margin:2px"><div align="left">* Trừ những mục có <b style="color:red">*</b> ra còn lại có thể để trống hoặc chỉnh sửa sau.<br><form action="up.php?up=upload" method="post" enctype="multipart/form-data">&bull;Thể Loại: (<b style="color:red">*</b>)<br><select name="theloai"><option value="">Chọn một</option>';
			$sql = mysql_query ( "select `id`,`theloai` from `tlgame` order by theloai" );
			while ( $res = mysql_fetch_array ( $sql ) ) {
				echo '<option value="' . $res ['id'] . '">' . $res ['theloai'] . '</option>';
			}
			echo '</select><br>&bull;Chọn Tập Tin: (<b style="color:red">*</b>)<br><input type="file" name="file" size="15"/><br/>&bull; Tiêu Đề( Max 50): (<b style="color:red">*</b>)<br><input type="text" name="tieude" size="15" value=""><br/>&bull; Màn Hình:<br>Rộng <input type="text" name="r" size="3" value="">x Cao <input type="text" name="c" size="3" value=""><br/>
&bull; Nhà Sản Xuất( Max 20):<br><input type="text" name="sanxuat" size="15" value=""><br/>&bull; Mô Tả( Max 500, BBCode):<br><textarea cols="15" rows="3" name="mota"></textarea><br><input type="submit" value="Upload" /></form></div></div></div><hr>';
			break;
		case 'upurl' :
			echo '</div><div style="background:#00a6ff; border-bottom: 5px solid #00a6ff;text-align:center;font-size=10px;"><table width="100%" cellpadding="0" cellspacing="0" border="0" align="center" valign=""><tr><td width="35%" bgcolor="" align="center"><a href="?" style="color:black"><div class="tab">Upload File</div></a></td><td width="45%" bgcolor="" align="center"><font color="#ffffff"><b>UpLoad URL</b></font></td></tr></table></div><div style="border-left:1px solid #00a6ff; border-bottom:1px solid #00a6ff; border-right:1px solid #00a6ff"><div style=" background:white; padding:2px; margin:2px"><div align="left">* Trừ những mục có <b style="color:red">*</b> ra còn lại có thể để trống hoặc chỉnh sửa sau.<br><form action="up.php?up=url" method="post">&bull;Thể Loại: (<b style="color:red">*</b>)<br><select name="theloai"><option value="">Chọn một</option>';
			$sql = mysql_query ( "select `id`,`theloai` from `tlgame` order by theloai" );
			while ( $res = mysql_fetch_array ( $sql ) ) {
				echo '<option value="' . $res ['id'] . '">' . $res ['theloai'] . '</option>';
			}
			echo '</select><br>&bull;Nhập Url: (<b style="color:red">*</b>)<br/><input type="text" name="url" value="http://" size="15"/><br/>&bull; Tiêu Đề( Max 50): (<b style="color:red">*</b>)<br><input type="text" name="tieude" size="15" value=""><br/>&bull; Màn Hình:<br>Rộng <input type="text" name="r" size="3" value="">x Cao <input type="text" name="c" size="3" value=""><br/>
&bull; Nhà Sản Xuất( Max 20):<br><input type="text" name="sanxuat" size="15" value=""><br/>&bull; Mô Tả( Max 500, BBCode):<br><textarea cols="15" rows="3" name="mota"></textarea><br><input type="submit" value="Upload" /></form></div></div></div><hr>';
			break;
		case 'upload' : //trường hợp nhấn nút submit để upload(http://.../up.php?up=upload)
			$tieude = htmlspecialchars (stripslashes ( $_POST ['tieude'] ) );
			$mota = htmlspecialchars ( stripslashes ( $_POST ['mota'] ) );
			$sanxuat = htmlspecialchars ( stripslashes ( $_POST ['sanxuat'] ) );
			$theloai = $_POST ['theloai'];
			$_FILES ['file'] ['name'] = str_replace ( '+', '-', $_FILES ['file'] ['name'] );
			$_FILES ['file'] ['name'] = str_replace ( '%20', '-', $_FILES ['file'] ['name'] );
			$_FILES ['file'] ['name'] = str_replace ( ' ', '-', $_FILES ['file'] ['name'] );
			$_FILES ['file'] ['name'] = str_replace ( '_jar', '.jar', $_FILES ['file'] ['name'] );
			$_FILES ['file'] ['name'] = str_replace ( '.jar1', '.jar', $_FILES ['file'] ['name'] );
			$fn = $_FILES ['file'] ['name'];
			if (! cgame ( $fn )) {
				echo '<img src="../img/loi.png">Lỗi Định Dạng!<br>&laquo;<a href="?">Quay Lại</a></div>';
			} elseif (empty ( $_POST ['tieude'] )) {
				echo '<img src="../img/loi.png">Chưa Nhập Tiêu Đề!<br>&laquo;<a href="?">Quay Lại</a></div>';
			} elseif (empty ( $_POST ['theloai'] )) {
				echo '<img src="../img/loi.png">Chưa Chọn Thể Loại!<br>&laquo;<a href="?">Quay Lại</a></div>';
			} elseif (eregi ( '[^0-9]', $_POST ['r'] ) || eregi ( '[^0-9]', $_POST ['c'] )) {
				echo '<img src="../img/loi.png">Rộng và Cao Chỉ Gồm Số!<br>&laquo;<a href="?">Quay Lại</a></div>';
			} else {
                                //Lấy thời gian hiện tại
				$time = time ();
				$time1 = md5 ( $time );
				$link1 = substr ( $time1, 0, 5 );
				$r = rand ( 11111, 9999999 );
				$r1 = md5 ( $r );
				$link2 = substr ( $r1, 0, 5 );
				$r2 = rand ( 9999, 99999999 );
				$r3 = md5 ( $r2 );
				$link3 = substr ( $r3, 0, 5 );
                                //Tạo thư mục
				mkdir ( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 );
                                //Thay đổi thuộc tính file
				chmod( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3, 0777 );
                                //Copy file
				copy ( $_FILES ['file'] ['tmp_name'], '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 . '/' . $set ['tit'] . '--' . $_FILES ['file'] ['name'] );
				$path = '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 . '/' . $set ['tit'] . '--' . $_FILES ['file'] ['name'];
				$link = $link1 . '-' . $link2 . '-' . $link3 . '/' . $set ['tit'] . '--' . $_FILES ['file'] ['name'];
				$dkm = $set ['home'] . '/fgame/index.php';
				$f = @fopen ( $dkm, 'r' );
				while ( $c = fread ( $f, 1024 ) )
					$filedata .= $c;
				file_put_contents ( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 . '/' . getWithoutPath ( $dkm ), $filedata );
				$filez = file_get_contents ( $path );
				file_put_contents ( 'file.zip', $filez );
				$archive = new PclZip ( 'file.zip' );
				$rule_list [0] = 'icon.png';
				$list = $archive->extract ( PCLZIP_OPT_PATH, '../fgame/' . $link1 . '-' . $link2 . '-' . $link3, PCLZIP_OPT_BY_NAME, $rule_list );
				if ($list) {
					$icon = $link1 . '-' . $link2 . '-' . $link3 . '/icon.png';
				} else {
					$icon = 'icon.png';
				}
				@unlink ( 'file.zip' );
				if (empty ( $_POST ['r'] ) || empty ( $_POST ['c'] )) {
					$kt = '';
				} else {
					$kt = $_POST ['r'] . ' x ' . $_POST ['c'];
				}
				@mysql_query ( "insert into `game` SET `thoigian`='" . date ( "d.m.y - H:i" ) . "', `link`='" . $link . "', `icon`='" . $icon . "', `tieude`='" . $tieude . "', `theloai`='" . $theloai . "', `mota`='" . $mota . "', `sanxuat`='" . $sanxuat . "', `manhinh`='" . $kt . "'" );
				echo '&bull;Bạn đã tải lên thành công.!<br>
&bull; ID Game: ' . mysql_insert_id () . '<br>
&bull; Tên Game: ' . $_FILES ['file'] ['name'] . '
</div><br><div class="main_menu">&raquo;<a href="up.php">Up Tiếp</a></div><div class="main_menu">&raquo;<a href="../game/?id=' . mysql_insert_id () . '">Tới Game Này</a></div><div class="main_menu">&laquo;<a href="../game">Về Danh Sách</a></div>';
			}
			break;
		case 'url' : //trường hợp loại up là url (http://.../up.php?up=upurl)
			$tieude = htmlspecialchars ( stripslashes ( $_POST ['tieude'] ) );
			$mota = htmlspecialchars ( stripslashes ( $_POST ['mota'] ) );
			$sanxuat = htmlspecialchars ( stripslashes ( $_POST ['sanxuat'] ) );
			$theloai = $_POST ['theloai'];
			$_POST ['url'] = p20repl ( $_POST ['url'] );
			$f = @fopen ( $_POST ['url'], 'r' );
			while ( $c = fread ( $f, 1024 ) )
				$filedata .= $c;
			$_POST ['url'] = str_replace ( '+', '-', $_POST ['url'] );
			$_POST ['url'] = str_replace ( '%20', '-', $_POST ['url'] );
			$_POST ['url'] = str_replace ( ' ', '-', $_POST ['url'] );
			$_POST ['url'] = str_replace ( '_jar', '.jar', $_POST ['url'] );
			$fn = $_POST ['url'];
			if (! $f) {
				echo '<img src="../img/loi.png">Url Lỗi!<br>&laquo;<a href="?">Quay Lại</a></div>';
			} elseif (! cgame ( $fn )) {
				echo '<img src="../img/loi.png">Lỗi Định Dạng!<br>&laquo;<a href="?up=upurl">Quay Lại</a></div>';
			} elseif (empty ( $_POST ['theloai'] )) {
				echo '<img src="../img/loi.png">Chưa Chọn Thể Loại!<br>&laquo;<a href="?up=upurl">Quay Lại</a></div>';
			} elseif (empty ( $_POST ['tieude'] )) {
				echo '<img src="../img/loi.png">Chưa Nhập Tiêu Đề!<br>&laquo;<a href="?up=upurl">Quay Lại</a></div>';
			} elseif (eregi ( '[^0-9]', $_POST ['r'] ) || eregi ( '[^0-9]', $_POST ['c'] )) {
				echo '<img src="../img/loi.png">Rộng và Cao Chỉ Gồm Số!<br>&laquo;<a href="?up=upurl">Quay Lại</a></div>';
			} else {
				$time = time ();
				$time1 = md5 ( $time );
				$link1 = substr ( $time1, 0, 5 );
				$r = rand ( 11111, 9999999 );
				$r1 = md5 ( $r );
				$link2 = substr ( $r1, 0, 5 );
				$r2 = rand ( 9999, 99999999 );
				$r3 = md5 ( $r2 );
				$link3 = substr ( $r3, 0, 5 );
				mkdir ( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 );
				chmod ( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3, 0777 );
				$dkm = $set ['home'] . '/fgame/index.php';
				$f2 = @fopen ( $dkm, 'r' );
				while ( $c2 = fread ( $f, 1024 ) )
					$filedata2 .= $c2;
				file_put_contents ( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 . '/' . getWithoutPath ( $dkm ), $filedata2 );
				file_put_contents ( '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 . '/' . $set ['tit'] . '--' . getWithoutPath ( $_POST ['url'] ), $filedata );
				$filename = getWithoutPath ( $_POST ['url'] );
				$path = '../fgame/' . $link1 . '-' . $link2 . '-' . $link3 . '/' . $set ['tit'] . '--' . getWithoutPath ( $_POST ['url'] );
				$filez = file_get_contents ( $path );
				file_put_contents ( 'file.zip', $filez );
				$archive = new PclZip ( 'file.zip' );
				$rule_list [0] = 'icon.png';
				$list = $archive->extract ( PCLZIP_OPT_PATH, '../fgame/' . $link1 . '-' . $link2 . '-' . $link3, PCLZIP_OPT_BY_NAME, $rule_list );
				if ($list) {
					$icon = $link1 . '-' . $link2 . '-' . $link3 . '/icon.png';
				} else {
					$icon = 'icon.png';
				}
				@unlink ( 'file.zip' );
				if (empty ( $_POST ['r'] ) || empty ( $_POST ['c'] )) {
					$kt = '';
				} else {
					$kt = $_POST ['r'] . ' x ' . $_POST ['c'];
				}
				$link = $link1 . '-' . $link2 . '-' . $link3 . '/' . $set ['tit'] . '--' . getWithoutPath ( $_POST ['url'] );
				@mysql_query ( "insert into `game` SET `thoigian`='" . date ( "d.m.y - H:i" ) . "', `link`='" . $link . "', `icon`='" . $icon . "', `tieude`='" . $tieude . "', `theloai`='" . $theloai . "', `mota`='" . $mota . "', `sanxuat`='" . $sanxuat . "', `manhinh`='" . $kt . "'" );
				echo '&bull;Bạn đã tải lên thành công.!<br>
&bull; ID Game: ' . mysql_insert_id () . '<br>
&bull; Tên Game: ' . getWithoutPath ( $_POST ['url'] ) . '
</div><div class="main_menu">&raquo;<a href="up.php?up=upurl">Up Tiếp</a></div><div class="main_menu">&raquo;<a href="../game/?id=' . mysql_insert_id () . '">Tới Game Này</a></div><div class="main_menu">&laquo;<a href="../game">Về Danh Sách</a></div>';
			}
			break;
	}
}
require_once ("../in/duoi.php");
?>